[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question on inbound IPSEC policy check

To: Ramana Yarlagadda <ramana.yarlagadda@analog.com>
Subject: Re: Question on inbound IPSEC policy check
From: Stephen Kent <kent@bbn.com>
Date: Fri, 2 May 2003 15:22:18 -0400
Cc: "Srinivasa Rao Addepalli" <srao@intotoinc.com>, "Jyothi" <vjyothi@intotoinc.com>, <ipsec@lists.tislabs.com>
In-Reply-To: <4.3.2.7.1.20030502112555.02509100@golf.cpgdesign.analog.com>
References: <5.1.0.14.0.20030429090406.00a2fec0@172.16.1.10> <5.1.0.14.0.20030428110102.00a2ae70@172.16.1.10> <5.1.0.14.0.20030423130203.00a43540@172.16.1.10> <5.1.0.14.0.20030423130203.00a43540@172.16.1.10> <5.1.0.14.0.20030428110102.00a2ae70@172.16.1.10> <5.1.0.14.0.20030429090406.00a2fec0@172.16.1.10> <5.1.0.14.0.20030502104650.00a2a7d0@172.16.1.10> <p05100303bad8380f9480@[128.89.88.34]><4.3.2.7.1.20030502112555.02509100@golf.cpgdesign.analog.com>
Sender: owner-ipsec@lists.tislabs.com

At 11:38 AM -0700 5/2/03, Ramana Yarlagadda wrote:
>Hi,
>
>Shall we igonre the text note that i refered to in section 5.2.1  of rfc 2401.
>
>And if that is the case, then   with the setup Jyothi has described the SA
>negotiation should fail.
>
>-ramana

As I mentioned, the text needs to be fixed and I described how I plan 
to fix it, in general terms.  I can't fault anyone for interpreting 
the text in different ways, but I do believe that our goal should be 
to prevent IPsec from behaving in a "surprising" fashion. Use that as 
your guide, and you have a defensible position.

Steve

References:
- Re: Question on inbound IPSEC policy check
  - From: Jyothi <vjyothi@intotoinc.com>
- Re: Question on inbound IPSEC policy check
  - From: Stephen Kent <kent@bbn.com>
- Re: Question on inbound IPSEC policy check
  - From: Ramana Yarlagadda <ramana.yarlagadda@analog.com>

Prev by Date: RE: IPSec Passthrough
Next by Date: Re: IPSec Passthrough
Prev by thread: Re: Question on inbound IPSEC policy check
Next by thread: Re: Question on inbound IPSEC policy check
Index(es):
- Date
- Thread